BlockBeats News, March 3rd, Lido officially stated that the ZKsync wstETH bridge endpoint contract has a potential vulnerability. There is currently no evidence to suggest that the vulnerability has been exploited, and wstETH holders on ZKsync are unaffected. Other bridge contracts are unaffected. As a precautionary measure, Lido has temporarily paused new fund deposits to the ZKsync bridge contract, withdrawals from zkSync, and token transfers are unaffected.
Lido has a fix prepared, which will be audited and deployed during the next scheduled on-chain Lido governance supermajority vote (late March/early April), after which the deposit functionality will resume. Further updates will be provided as the situation develops.
